The Value of Backup in your Ransomware Protections Strategy

Every day since the beginning of 2017 a whopping 4000 ransomware attacks occur every day. In this whitepaper, we’ll outline what your ransomware protection strategy should look like, highlighting the value of having a solid backup and recovery plan to ensure you can get the organization back into a state of operation as quickly as possible.

Ransomware: Everyone’s at Risk

If you’re new to the game, ransomware is a form of malware that encrypts anything from specific files up to, and including, entire systems – holding them for ransom (usually paid in bitcoin). It started with attacks impacting single endpoints, but with the advent of ransomware using a set of exploits developed by the NSA that allowed malware to leverage SMB connections to spread between systems, ransomware has become a full-fledged threat.

Today, ransomware is truly a criminal business. Organizations authoring ransomware are keenly aware of the value of the machines and data they are encrypting. Nearly every industry vertical is a target and has been impacted (see below).

Building a Ransomware Protection Strategy

If you were to outline what you want to accomplish with a ransomware protection strategy, the obvious focus is to keep it from ever infecting the organization. But, in reality – as this whitepaper will show – the greater focus needs to be on eliminating the impact of ransomware within the organization. In some cases, you will be able to keep ransomware from ever entering in. But your protection strategy needs to be humble enough to entertain the possibility that ransomware will get through any defenses you stand up, requiring reactive steps to minimize the impact of any encrypted data and systems.

Think of your protection strategy as providing a layered defense in three parts: Prevention, Detection, and Response. Each part of the strategy may utilize a number of methods, as shown below.

Protecting from Ransomware: From Blocking to Backup

Ransomware is a threat that is only growing, becoming more intelligent, intrusive, and negatively impactful. It represents perhaps the single greatest threat to organizations in the near future, already growing well into the billions of dollars in damages annually.

Every organization needs a proactive protection plan in place, ready to thwart off ransomware attacks from ever entering in, stopping those that do make it past your external security layers of defense, and a backup and recovery plan – as part of an overall incident response plan – ready to bring the environment back into a state of operational readiness at a moment’s notice.

About the author

Nick Cavalancia is a Cloud, Virtualization and Data Center Architect.

Nick is an enthusiastic technologist with experience in datacenter design, management, and deployment. His architecture work includes large virtualization and cloud deployments as well as business network design and implementation.